Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep
Home >> All >> java >> security >> [ cert Javadoc ]

java.security.cert: Javadoc index of package java.security.cert.


Package Samples:

java.security.cert

Classes:

X509Certificate: X509Certificate is the abstract class for X.509 certificates. This provides a stanard class interface for accessing all the attributes of X.509 certificates. In June 1996, the basic X.509 v3 format was finished by ISO/IEC and ANSI X.9. The ASN.1 DER format is below: Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING } These certificates are widely used in various Internet protocols to support authentication. It is used in Privacy Enhanced Mail (PEM), Transport Layer Security (TLS), Secure Sockets Layer (SSL), code signing ...
X509CRL: The X509CRL class is the abstract class used to manage X.509 Certificate Revocation Lists. The CRL is a list of time stamped entries which indicate which lists have been revoked. The list is signed by a Certificate Authority (CA) and made publically available in a repository. Each revoked certificate in the CRL is identified by its certificate serial number. When a piece of code uses a certificate, the certificates validity is checked by validating its signature and determing that it is not only a recently acquired CRL. The recently aquired CRL is depends on the local policy in affect. The CA issues ...
PKIXCertPathChecker: A validator for X.509 certificates when approving certificate chains. Concrete subclasses can be passed to the PKIXParameters.setCertPathCheckers(java.util.List) 55 and PKIXParameters.addCertPathChecker(java.security.cert.PKIXCertPathChecker) 55 methods, which are then used to set up PKIX certificate chain builders or validators. These classes then call the check(java.security.cert.Certificate,java.util.Collection) 55 method of this class, performing whatever checks on the certificate, throwing an exception if any check fails. Subclasses of this must be able to perform their checks in the backward ...
X509Extension: Public interface for the X.509 Extension. This is used for X.509 v3 Certificates and CRL v2 (Certificate Revocation Lists) for managing attributes assoicated with Certificates, for managing the hierarchy of certificates, and for managing the distribution of CRL. This extension format is used to define private extensions. Each extensions for a certificate or CRL must be marked either critical or non-critical. If the certificate/CRL system encounters a critical extension not recognized then it must reject the certificate. A non-critical extension may be just ignored if not recognized. The ASN.1 definition ...
X509CRLEntry: Abstract class for entries in the CRL (Certificate Revocation List). The ASN.1 definition for revokedCertificates is revokedCertificates SEQUENCE OF SEQUENCE { userCertificate CertificateSerialNumber, revocationDate Time, crlEntryExtensions Extensions OPTIONAL -- if present, shall be v2 } OPTIONAL, CertificateSerialNumber ::= INTEGER Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime } Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING } For more information consult rfc2459.
X509CertSelector: A concrete implementation of CertSelector for X.509 certificates, which allows a number of criteria to be set when accepting certificates, from validity dates, to issuer and subject distinguished names, to some of the various X.509 extensions. Use of this class requires extensive knowledge of the Internet Engineering Task Force's Public Key Infrastructure (X.509). The primary document describing this standard is RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile . Note that this class is not thread-safe. If multiple threads will use or modify ...
CertPathValidator: Generic interface to classes that validate certificate paths. Using this class is similar to all the provider-based security classes; the method of interest, validate(java.security.cert.CertPath,java.security.cert.CertPathParameters) 55 , which takes provider-specific implementations of CertPathParameters , and return provider-specific implementations of CertPathValidatorResult .
Certificate: The Certificate class is an abstract class used to manage identity certificates. An identity certificate is a combination of a principal and a public key which is certified by another principal. This is the puprose of Certificate Authorities (CA). This class is used to manage different types of certificates but have important common puposes. Different types of certificates like X.509 and OpenPGP share general certificate functions (like encoding and verifying) and information like public keys. X.509, OpenPGP, and SDSI can be implemented by subclassing this class even though they differ in storage ...
CertPathValidatorResult: Interface to the result of calling CertPathValidator.validate(java.security.cert.CertPath,java.security.cert.CertPathParameters) 55 . This interface defines no methods other than the required java.lang.Cloneable interface, and is intended to group and provide type safety for validator results. Providers that implement a certificate path validator must also provide an implementation of this interface, possibly defining additional methods.
CertPath: This class represents an immutable sequence, or path, of security certificates. The path type must match the type of each certificate in the path, or in other words, for all instances of cert in a certpath object, cert.getType().equals(certpath.getType()) will return true. Since this class is immutable, it is thread-safe. During serialization, the path is consolidated into a CertPath.CertPathRep , which preserves the data regardless of the underlying implementation of the path.
X509CRLSelector: A class for matching X.509 certificate revocation lists by criteria. Use of this class requires extensive knowledge of the Internet Engineering Task Force's Public Key Infrastructure (X.509). The primary document describing this standard is RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile . Note that this class is not thread-safe. If multiple threads will use or modify this class then they need to synchronize on the object.
CertStoreSpi: The service provider interface ( SPI ) for the CertStore class. Providers wishing to implement a CertStore must subclass this class, implementing all the abstract methods. Providers may also implement the CertStoreParameters interface, if they require parameters.
PKIXCertPathValidatorResult: Results returned by the CertPathValidator.validate(java.security.cert.CertPath,java.security.cert.CertPathParameters) 55 method for PKIX CertPathValidator s.
CollectionCertStoreParameters: An implementation of CertStoreParameters with a simple, in-memory java.util.Collection of certificates and certificate revocation list. Note that this class is not thread-safe, and its underlying collection may be changed at any time.
CertificateFactorySpi: CertificateFactorySpi is the abstract class Service Provider Interface (SPI) for the CertificateFactory class. A provider must implement all the abstract methods if they wish to supply a certificate factory for a particular certificate type. Ex: X.509 Certificate factories are used to generate certificates and certificate revocation lists (CRL) from their encoding.
CertStoreParameters: Parameters used when creating instances of CertStore . This class does not define any methods (except a required cloneable interface) and is provided only to provide type safety for implementations. Concrete implementations implement this interface in accord with thier own needs.
CRLSelector: A generic interface to classes that match certificate revocation lists (CRLs) to some given criteria. Implementations of this interface are useful for finding CRL objects in a CertStore .
PKIXCertPathBuilderResult: The result of calling the CertPathBuilder.build(java.security.cert.CertPathParameters) 55 method of PKIX CertPathBuilder s.
PolicyQualifierInfo: The PolicyQualifierInfo X.509 certificate extension. PolicyQualifierInfo objects are represented by the ASN.1 structure: PolicyQualifierInfo ::= SEQUENCE { policyQualifierId PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId } PolicyQualifierId ::= OBJECT IDENTIFIER
CertPathValidatorSpi: The service provider interface ( SPI ) for the CertPathValidator class. Providers implementing certificate path validators must subclass this class and implement its abstract methods.
CertPathParameters: Parameters for generating and validating certificate paths. This class does not define any methods (except a required cloneable interface) and is provided only to provide type safety for implementations. Concrete implementations implement this interface in accord with thier own needs.
CertPathBuilderResult: A standard interface for the result of building a certificate path. All implementations of this class must provide a way to get the certificate path, but may also define additional methods for returning other result data generated by the certificate path builder.
CRL: Certificate Revocation List class for managing CRLs that have different formats but the same general use. They all serve as lists of revoked certificates and can be queried for a given certificate. Specialized CRLs extend this class.
CertPathBuilder: This class builds certificate paths (also called certificate chains), which can be used to establish trust for a particular certificate by building a path from a trusted certificate (a trust anchor) to the untrusted certificate.
CertificateFactory: This class implements the CertificateFactory class interface used to generate certificates, certificate revocation lists (CRLs), and certificate paths objects from their encoded forms.

Home | Contact Us | Privacy Policy | Terms of Service